golem
/
twentyGOLEM
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Press This fixes. Props noel. fixes #10784 

git-svn-id: http://svn.automattic.com/wordpress/trunk@11944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-09-17 20:36:59 +00:00
parent c67e70dd91
commit 607ec769f0
2 changed files with 122 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
wp-admin/includes/media.php
View File

@ -249,8 +249,8 @@ function media_handle_upload($file_id, $post_id, $post_data = array()) {
*/ */
function media_handle_sideload($file_array, $post_id, $desc = null, $post_data = array()) { function media_handle_sideload($file_array, $post_id, $desc = null, $post_data = array()) {
$overrides = array('test_form'=>false); $overrides = array('test_form'=>false);
$file = wp_handle_sideload($file_array, $overrides);
$file = wp_handle_sideload($file_array, $overrides);
if ( isset($file['error']) ) if ( isset($file['error']) )
return new WP_Error( 'upload_error', $file['error'] ); return new WP_Error( 'upload_error', $file['error'] );
@ -279,7 +279,7 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
'post_content' => $content, 'post_content' => $content,
), $post_data ); ), $post_data );
// Save the data // Save the attachment metadata
$id = wp_insert_attachment($attachment, $file, $post_id); $id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) ) { if ( !is_wp_error($id) ) {
wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
@ -520,25 +520,33 @@ function media_upload_image() {
*/ */
function media_sideload_image($file, $post_id, $desc = null) { function media_sideload_image($file, $post_id, $desc = null) {
if (!empty($file) ) { if (!empty($file) ) {
$file_array['name'] = basename($file); // Download file to temp location
$tmp = download_url($file); $tmp = download_url($file);
$file_array['tmp_name'] = $tmp;
$desc = @$desc;
// Set variables for storage
// fix file filename for query strings
preg_match('/[^\?]+\.(jpg|JPG|jpe|JPE|jpeg|JPEG|gif|GIF|png|PNG)/', $file, $matches);
$file_array['name'] = basename($matches[0]);
$file_array['tmp_name'] = $tmp;
// If error storing temporarily, unlink
if ( is_wp_error($tmp) ) { if ( is_wp_error($tmp) ) {
@unlink($file_array['tmp_name']); @unlink($file_array['tmp_name']);
$file_array['tmp_name'] = ''; $file_array['tmp_name'] = '';
} }
$id = media_handle_sideload($file_array, $post_id, $desc); // do the validation and storage stuff
$id = media_handle_sideload($file_array, $post_id, @$desc);
$src = $id; $src = $id;
// If error storing permanently, unlink
if ( is_wp_error($id) ) { if ( is_wp_error($id) ) {
@unlink($file_array['tmp_name']); @unlink($file_array['tmp_name']);
return $id; return $id;
} }
} }
// Finally check to make sure the file has been saved, then return the html
if ( !empty($src) ) { if ( !empty($src) ) {
$alt = @$desc; $alt = @$desc;
$html = "<img src='$src' alt='$alt' />"; $html = "<img src='$src' alt='$alt' />";

49
wp-admin/press-this.php
View File

@ -42,29 +42,29 @@ function aposfix($text) {
function press_it() { function press_it() {
// define some basic variables // define some basic variables
$quick['post_status'] = 'draft'; // set as draft first $quick['post_status'] = 'draft'; // set as draft first
$quick['post_category'] = isset($_REQUEST['post_category']) ? $_REQUEST['post_category'] : null; $quick['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : null;
$quick['tax_input'] = isset($_REQUEST['tax_input']) ? $_REQUEST['tax_input'] : ''; $quick['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : '';
$quick['post_title'] = isset($_REQUEST['title']) ? $_REQUEST['title'] : ''; $quick['post_title'] = isset($_POST['title']) ? $_POST['title'] : '';
$quick['post_content'] = ''; $quick['post_content'] = '';
// insert the post with nothing in it, to get an ID // insert the post with nothing in it, to get an ID
$post_ID = wp_insert_post($quick, true); $post_ID = wp_insert_post($quick, true);
$content = isset($_REQUEST['content']) ? $_REQUEST['content'] : ''; $content = isset($_POST['content']) ? $_POST['content'] : '';
$upload = false; $upload = false;
if( !empty($_REQUEST['photo_src']) && current_user_can('upload_files') ) if( !empty($_POST['photo_src']) && current_user_can('upload_files') )
foreach( (array) $_REQUEST['photo_src'] as $key => $image) foreach( (array) $_POST['photo_src'] as $key => $image)
// see if files exist in content - we don't want to upload non-used selected files. // see if files exist in content - we don't want to upload non-used selected files.
if( strpos($_REQUEST['content'], $image) !== false ) { if( strpos($_POST['content'], htmlspecialchars($image)) !== false ) {
$desc = isset($_REQUEST['photo_description'][$key]) ? $_REQUEST['photo_description'][$key] : ''; $desc = isset($_POST['photo_description'][$key]) ? $_POST['photo_description'][$key] : '';
$upload = media_sideload_image($image, $post_ID, $desc); $upload = media_sideload_image($image, $post_ID, $desc);
// Replace the POSTED content <img> with correct uploaded ones. Regex contains fix for Magic Quotes // Replace the POSTED content <img> with correct uploaded ones. Regex contains fix for Magic Quotes
if( !is_wp_error($upload) ) $content = preg_replace('/<img ([^>]*)src=\\\?(\"|\')'.preg_quote($image, '/').'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content); if( !is_wp_error($upload) ) $content = preg_replace('/<img ([^>]*)src=\\\?(\"|\')'.preg_quote(htmlspecialchars($image), '/').'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content);
} }
// set the post_content and status // set the post_content and status
$quick['post_status'] = isset($_REQUEST['publish']) ? 'publish' : 'draft'; $quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft';
$quick['post_content'] = $content; $quick['post_content'] = $content;
// error handling for $post // error handling for $post
if ( is_wp_error($post_ID)) { if ( is_wp_error($post_ID)) {
@ -100,10 +100,11 @@ if ( ! empty($selection) ) {
$url = isset($_GET['u']) ? esc_url($_GET['u']) : ''; $url = isset($_GET['u']) ? esc_url($_GET['u']) : '';
$image = isset($_GET['i']) ? $_GET['i'] : ''; $image = isset($_GET['i']) ? $_GET['i'] : '';
if ( !empty($_REQUEST['ajax']) ) { if ( !empty($_GET['ajax']) ) {
switch ($_REQUEST['ajax']) { switch ($_GET['ajax']) {
case 'video': ?> case 'video': ?>
<script type="text/javascript" charset="utf-8"> <script type="text/javascript" charset="utf-8">
/* <![CDATA[ */
jQuery('.select').click(function() { jQuery('.select').click(function() {
append_editor(jQuery('#embed-code').val()); append_editor(jQuery('#embed-code').val());
jQuery('#extra_fields').hide(); jQuery('#extra_fields').hide();
@ -113,6 +114,7 @@ switch ($_REQUEST['ajax']) {
jQuery('#extra_fields').hide(); jQuery('#extra_fields').hide();
jQuery('#extra_fields').html(''); jQuery('#extra_fields').html('');
}); });
/* ]]> */
</script> </script>
<div class="postbox"> <div class="postbox">
<h2><label for="embed-code"><?php _e('Embed Code') ?></label></h2> <h2><label for="embed-code"><?php _e('Embed Code') ?></label></h2>
@ -125,12 +127,14 @@ switch ($_REQUEST['ajax']) {
case 'photo_thickbox': ?> case 'photo_thickbox': ?>
<script type="text/javascript" charset="utf-8"> <script type="text/javascript" charset="utf-8">
/* <![CDATA[ */
jQuery('.cancel').click(function() { jQuery('.cancel').click(function() {
tb_remove(); tb_remove();
}); });
jQuery('.select').click(function() { jQuery('.select').click(function() {
image_selector(); image_selector();
}); });
/* ]]> */
</script> </script>
<h3 class="tb"><label for="this_photo_description"><?php _e('Description') ?></label></h3> <h3 class="tb"><label for="this_photo_description"><?php _e('Description') ?></label></h3>
<div class="titlediv"> <div class="titlediv">
@ -139,16 +143,19 @@ switch ($_REQUEST['ajax']) {
</div> </div>
</div> </div>
<p class="centered"><input type="hidden" name="this_photo" value="<?php echo esc_attr($image); ?>" id="this_photo" /> <p class="centered">
<a href="#" class="select"><img src="<?php echo esc_url($image); ?>" alt="<?php echo esc_attr(__('Click to insert.')); ?>" title="<?php echo esc_attr(__('Click to insert.')); ?>" /></a></p> <input type="hidden" name="this_photo" value="<?php echo esc_attr($image); ?>" id="this_photo" />
<a href="#" class="select">
<img src="<?php echo esc_url($image); ?>" alt="<?php echo esc_attr(__('Click to insert.')); ?>" title="<?php echo esc_attr(__('Click to insert.')); ?>" />
</a>
</p>
<p id="options"><a href="#" class="select button"><?php _e('Insert Image'); ?></a> <a href="#" class="cancel button"><?php _e('Cancel'); ?></a></p> <p id="options"><a href="#" class="select button"><?php _e('Insert Image'); ?></a> <a href="#" class="cancel button"><?php _e('Cancel'); ?></a></p>
<?php break; <?php break;
case 'photo_thickbox_url': ?> case 'photo_thickbox_url': ?>
<script type="text/javascript" charset="utf-8"> <script type="text/javascript" charset="utf-8">
/* <![CDATA[ */
jQuery('.cancel').click(function() { jQuery('.cancel').click(function() {
tb_remove(); tb_remove();
}); });
@ -156,6 +163,7 @@ switch ($_REQUEST['ajax']) {
jQuery('.select').click(function() { jQuery('.select').click(function() {
image_selector(); image_selector();
}); });
/* ]]> */
</script> </script>
<h3 class="tb"><label for="this_photo"><?php _e('URL') ?></label></h3> <h3 class="tb"><label for="this_photo"><?php _e('URL') ?></label></h3>
<div class="titlediv"> <div class="titlediv">
@ -163,8 +171,6 @@ switch ($_REQUEST['ajax']) {
<input id="this_photo" name="this_photo" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" /> <input id="this_photo" name="this_photo" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" />
</div> </div>
</div> </div>
<h3 class="tb"><label for="photo_description"><?php _e('Description') ?></label></h3> <h3 class="tb"><label for="photo_description"><?php _e('Description') ?></label></h3>
<div id="titlediv"> <div id="titlediv">
<div class="titlewrap"> <div class="titlewrap">
@ -186,13 +192,13 @@ switch ($_REQUEST['ajax']) {
* @return string * @return string
*/ */
function get_images_from_uri($uri) { function get_images_from_uri($uri) {
if( preg_match('/\.(jpg|jpe|jpeg|png|gif)$/', $uri) && !strpos($uri,'blogger.com') ) if( preg_match('/\.(jpg|jpe|jpeg|png|gif)/', $uri) && !strpos($uri,'blogger.com') )
return "'".$uri."'"; return "'".html_entity_decode($uri)."'";
$content = wp_remote_fopen($uri); $content = wp_remote_fopen($uri);
if ( false === $content ) if ( false === $content )
return ''; return '';
$host = parse_url($uri); $host = parse_url($uri);
$pattern = '/<img ([^>]*)src=(\"|\')([^<>]+?\.(png|jpeg|jpg|jpe|gif))[^<>\'\"]*(\2)([^>\/]*)\/*>/is'; $pattern = '/<img ([^>]*)src=(\"|\')([^<>]+?\.(png|jpeg|jpg|jpe|gif)[^<>\'\"]*)(\2)([^>\/]*)\/*>/is';
preg_match_all($pattern, $content, $matches); preg_match_all($pattern, $content, $matches);
if ( empty($matches[0]) ) if ( empty($matches[0]) )
return ''; return '';
@ -210,7 +216,6 @@ switch ($_REQUEST['ajax']) {
return "'" . implode("','", $sources) . "'"; return "'" . implode("','", $sources) . "'";
} }
$url = urldecode($url); $url = urldecode($url);
$url = str_replace(' ', '%20', $url);
echo 'new Array('.get_images_from_uri($url).')'; echo 'new Array('.get_images_from_uri($url).')';
break; break;